MI SB0632

Creates a cybersecurity council within the department consisting of 11 members: 5 state officials (directors of departments and CEO of Michigan Economic Development Corporation) and 6 governor-appointed members representing higher education, community colleges, and business sectors (hospitals, retail, finance, and general business).

Council members serve 4-year terms with staggered initial appointments (2, 3, and 4 years respectively) and may be removed by the governor for incompetence, malfeasance, or other good cause; members serve without compensation but may be reimbursed for actual and necessary expenses.

Council must meet at least quarterly, comply with open meetings requirements, and establish bylaws including election of chairperson and other officers; a majority constitutes a quorum with majority vote required for official actions.

Exempts from public disclosure under the Freedom of Information Act: records of cybersecurity measures, security designs, emergency response plans, threat assessments, cybersecurity vulnerabilities, and information that could identify persons vulnerable to cybersecurity incidents or expose organizational IT infrastructure details.

Requires annual reports by December 1 to state leadership and relevant legislative committees detailing activities on state cybersecurity infrastructure, partnerships with government and business, and acceleration of cybersecurity as an industry; council must create a voluntary program recognizing entities with exemplary cybersecurity practices.